''){
$sql = "SELECT DISTINCT uniqueid,author FROM " . db_prefix("commentary") . " INNER JOIN " . db_prefix("accounts") . " ON acctid=author WHERE commentid IN ('" . join("','",array_keys($comment)) . "')";
$result = db_query($sql);
$untildate = date("Y-m-d H:i:s",strtotime("+3 days"));
$reason = httppost("reason");
$reason0 = httppost("reason0");
$default = "Banned for comments you posted.";
if ($reason0 != $reason && $reason0 != $default) $reason = $reason0;
if ($reason=="") $reason = $default;
while ($row = db_fetch_assoc($result)){
$sql = "SELECT * FROM " . db_prefix("bans") . " WHERE uniqueid = '{$row['uniqueid']}'";
$result2 = db_query($sql);
$sql = "INSERT INTO " . db_prefix("bans") . " (uniqueid,banexpire,banreason,banner) VALUES ('{$row['uniqueid']}','$untildate','$reason','".addslashes($session['user']['name'])."')";
$sql2 = "UPDATE " . db_prefix("accounts") . " SET loggedin=0 WHERE acctid={$row['author']}";
if (db_num_rows($result2)>0){
$row2 = db_fetch_assoc($result2);
if ($row2['banexpire'] < $untildate){
//don't enter a new ban if a longer lasting one is
//already here.
db_query($sql);
db_query($sql2);
}
}else{
db_query($sql);
db_query($sql2);
}
}
}
if (!isset($comment) || !is_array($comment)) $comment = array();
$sql = "SELECT " .
db_prefix("commentary").".*,".db_prefix("accounts").".name,".
db_prefix("accounts").".login, ".db_prefix("accounts").".clanrank,".
db_prefix("clans").".clanshort FROM ".db_prefix("commentary").
" INNER JOIN ".db_prefix("accounts")." ON ".
db_prefix("accounts").".acctid = " . db_prefix("commentary").
".author LEFT JOIN ".db_prefix("clans")." ON ".
db_prefix("clans").".clanid=".db_prefix("accounts").
".clanid WHERE commentid IN ('".join("','",array_keys($comment))."')";
$result = db_query($sql);
$invalsections = array();
while ($row = db_fetch_assoc($result)){
$sql = "INSERT LOW_PRIORITY INTO ".db_prefix("moderatedcomments").
" (moderator,moddate,comment) VALUES ('{$session['user']['acctid']}','".date("Y-m-d H:i:s")."','".addslashes(serialize($row))."')";
db_query($sql);
$invalsections[$row['section']] = 1;
}
$sql = "DELETE FROM " . db_prefix("commentary") . " WHERE commentid IN ('" . join("','",array_keys($comment)) . "')";
db_query($sql);
$return = httpget('return');
$return = cmd_sanitize($return);
$return = substr($return,strrpos($return,"/")+1);
if (strpos($return,"?")===false && strpos($return,"&")!==false){
$x = strpos($return,"&");
$return = substr($return,0,$x-1)."?".substr($return,$x+1);
}
foreach($invalsections as $key=>$dummy) {
invalidatedatacache("comments-$key");
}
//update moderation cache
invalidatedatacache("comments-or11");
redirect($return);
}
$seen = httpget("seen");
if ($seen>""){
$session['user']['recentcomments']=$seen;
}
page_header("Comment Moderation");
if ($op==""){
$area = httpget('area');
$link = "moderate.php" . ($area ? "?area=$area" : "");
$refresh = translate_inline("Refresh");
rawoutput("");
addnav("", "$link");
if ($area==""){
talkform("X","says");
commentdisplay("", "' or '1'='1","X",100);
}else{
commentdisplay("", $area,"X",100);
talkform($area,"says");
}
}elseif ($op=="audit"){
$subop = httpget("subop");
if ($subop=="undelete") {
$unkeys = httppost("mod");
if ($unkeys && is_array($unkeys)) {
$sql = "SELECT * FROM ".db_prefix("moderatedcomments")." WHERE modid IN ('".join("','",array_keys($unkeys))."')";
$result = db_query($sql);
while ($row = db_fetch_assoc($result)){
$comment = unserialize($row['comment']);
$id = addslashes($comment['commentid']);
$postdate = addslashes($comment['postdate']);
$section = addslashes($comment['section']);
$author = addslashes($comment['author']);
$comment = addslashes($comment['comment']);
$sql = "INSERT LOW_PRIORITY INTO ".db_prefix("commentary")." (commentid,postdate,section,author,comment) VALUES ('$id','$postdate','$section','$author','$comment')";
db_query($sql);
invalidatedatacache("comments-$section");
}
$sql = "DELETE FROM ".db_prefix("moderatedcomments")." WHERE modid IN ('".join("','",array_keys($unkeys))."')";
db_query($sql);
} else {
output("No items selected to undelete -- Please try again`n`n");
}
}
$sql = "SELECT DISTINCT acctid, name FROM ".db_prefix("accounts").
" INNER JOIN ".db_prefix("moderatedcomments").
" ON acctid=moderator ORDER BY name";
$result = db_query($sql);
addnav("Commentary");
addnav("Sections");
addnav("Modules");
addnav("Clan Halls");
addnav("Review by Moderator");
tlschema("notranslate");
while ($row = db_fetch_assoc($result)){
addnav(" ?".$row['name'],"moderate.php?op=audit&moderator={$row['acctid']}");
}
tlschema();
addnav("Commentary");
output("`c`bComment Auditing`b`c");
$ops = translate_inline("Ops");
$mod = translate_inline("Moderator");
$when = translate_inline("When");
$com = translate_inline("Comment");
$unmod = translate_inline("Unmoderate");
rawoutput("");
}
addnav("Sections");
tlschema("commentary");
$vname = getsetting("villagename", LOCATION_FIELDS);
addnav(array("%s Square", $vname), "moderate.php?area=village");
if ($session['user']['superuser'] & ~SU_DOESNT_GIVE_GROTTO) {
addnav("Grotto","moderate.php?area=superuser");
}
addnav("Land of the Shades","moderate.php?area=shade");
addnav("Grassy Field","moderate.php?area=grassyfield");
$iname = getsetting("innname", LOCATION_INN);
// the inn name is a proper name and shouldn't be translated.
tlschema("notranslate");
addnav($iname,"moderate.php?area=inn");
tlschema();
addnav("MotD","moderate.php?area=motd");
addnav("Veterans Club","moderate.php?area=veterans");
addnav("Hunter's Lodge","moderate.php?area=hunterlodge");
addnav("Gardens","moderate.php?area=gardens");
addnav("Clan Hall Waiting Area","moderate.php?area=waiting");
if (getsetting("betaperplayer", 1) == 1 && @file_exists("pavilion.php")) {
addnav("Beta Pavilion","moderate.php?area=beta");
}
tlschema();
if ($session['user']['superuser'] & SU_MODERATE_CLANS){
addnav("Clan Halls");
$sql = "SELECT clanid,clanname,clanshort FROM " . db_prefix("clans") . " ORDER BY clanid";
$result = db_query($sql);
// these are proper names and shouldn't be translated.
tlschema("notranslate");
while ($row=db_fetch_assoc($result)){
addnav(array("<%s> %s", $row['clanshort'], $row['clanname']),
"moderate.php?area=clan-{$row['clanid']}");
}
tlschema();
} elseif ($session['user']['superuser'] & SU_EDIT_COMMENTS &&
getsetting("officermoderate", 0)) {
// the CLAN_OFFICER requirement was chosen so that moderators couldn't
// just get accepted as a member to any random clan and then proceed to
// wreak havoc.
// although this isn't really a big deal on most servers, the choice was
// made so that staff won't have to have another issue to take into
// consideration when choosing moderators. the issue is moot in most
// cases, as players that are trusted with moderator powers are also
// often trusted with at least the rank of officer in their respective
// clans.
if (($session['user']['clanid'] != 0) &&
($session['user']['clanrank'] >= CLAN_OFFICER)) {
addnav("Clan Halls");
$sql = "SELECT clanid,clanname,clanshort FROM " . db_prefix("clans") . " WHERE clanid='" . $session['user']['clanid'] . "'";
$result = db_query($sql);
// these are proper names and shouldn't be translated.
tlschema("notranslate");
if ($row=db_fetch_assoc($result)){
addnav(array("<%s> %s", $row['clanshort'], $row['clanname']),
"moderate.php?area=clan-{$row['clanid']}");
} else {
debug ("There was an error while trying to access your clan.");
}
tlschema();
}
}
addnav("Modules");
$mods = array();
$mods = modulehook("moderate", $mods);
reset($mods);
// These are already translated in the module.
tlschema("notranslate");
foreach ($mods as $area=>$name) {
addnav($name, "moderate.php?area=$area");
}
tlschema();
page_footer();
?>